The criminal side of the crypto world could soon develop a new scam. Instead of “just” mining crypto currencies without the computer owner’s knowledge and computing power, mining malware could also be used to steal sensitive data. For example, cyber criminals could hack into corporate secrets and bank accounts. This was the finding of a security researcher at the InfoSecurity North America Conference in New York City.
Crypto-jacking has unfortunately been a familiar word in the world of Bitcoin & Co. for a long time. In fact, the number of infections with mining malware has risen by 83 percent this year. As crypto courses are still on a downward trend, cyber criminals could soon add a new “business field” to mining with external computing services: the theft of data.
Bitcoin news about the hacker becomes CEO
Troy Kent, a researcher at Bitcoin news, a network security company, presented his findings at the InfoSecurity North America Conference in New York City. According to CNBC, Kent had researched what other illegal possibilities could be derived from the use of mining malware. With this knowledge he wants to warn companies in time so that they can take appropriate security measures early enough.
Kent explained his Bitcoin formula research findings to CNBC:
“In this attack, humans use a tool, a Bitcoin formula crypto-miner, which they normally see in their network. However, they are not used to reacting as if it were a legitimate threat like a botnet or a Trojan. They can come in and steal files, they can steal intellectual property, steal credentials and then possibly log in as CEO. Or they can download more software. They can shut down services.” Read more about it: https://www.forexaktuell.com/en/bitcoin-formula-scam/
It is not yet known whether this hacking method is already in use. However, Kent is sure that if he has managed to do so, other reasonably technically savvy mining software could also be used to steal data. He sees the greatest danger in the fact that the method is very difficult to uncover. Therefore, most companies would notice such an attack far too late. Accordingly, they should particularly invest in advanced detection methods based on behavior and analysis. In fact, not a surprising verdict from an employee of a cybersecurity company.